Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(141)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/win/src/sync_policy.cc

Issue 41193002: Attempt3 at landing this. The previous attempt failed on Windows XP because the \Sessions\Session i… (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « sandbox/win/src/sync_policy.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <string> 5 #include <string>
6 6
7 #include "sandbox/win/src/sync_policy.h" 7 #include "sandbox/win/src/sync_policy.h"
8 8
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "base/strings/stringprintf.h"
10 #include "sandbox/win/src/ipc_tags.h" 11 #include "sandbox/win/src/ipc_tags.h"
12 #include "sandbox/win/src/nt_internals.h"
11 #include "sandbox/win/src/policy_engine_opcodes.h" 13 #include "sandbox/win/src/policy_engine_opcodes.h"
12 #include "sandbox/win/src/policy_params.h" 14 #include "sandbox/win/src/policy_params.h"
13 #include "sandbox/win/src/sandbox_types.h" 15 #include "sandbox/win/src/sandbox_types.h"
14 #include "sandbox/win/src/sandbox_utils.h" 16 #include "sandbox/win/src/sandbox_utils.h"
17 #include "sandbox/win/src/sync_interception.h"
18 #include "sandbox/win/src/win_utils.h"
15 19
16 namespace sandbox { 20 namespace sandbox {
17 21
22 // Provides functionality to resolve a symbolic link within the object
23 // directory passed in.
24 NTSTATUS ResolveSymbolicLink(const std::wstring& directory_name,
25 const std::wstring& name,
26 std::wstring* target) {
27 NtOpenDirectoryObjectFunction NtOpenDirectoryObject = NULL;
28 ResolveNTFunctionPtr("NtOpenDirectoryObject", &NtOpenDirectoryObject);
29
30 NtQuerySymbolicLinkObjectFunction NtQuerySymbolicLinkObject = NULL;
31 ResolveNTFunctionPtr("NtQuerySymbolicLinkObject",
32 &NtQuerySymbolicLinkObject);
33
34 NtOpenSymbolicLinkObjectFunction NtOpenSymbolicLinkObject = NULL;
35 ResolveNTFunctionPtr("NtOpenSymbolicLinkObject", &NtOpenSymbolicLinkObject);
36
37 NtCloseFunction NtClose = NULL;
38 ResolveNTFunctionPtr("NtClose", &NtClose);
39
40 HANDLE symbolic_link_directory = NULL;
rvargas (doing something else) 2013/10/24 22:18:29 nit: move to right before use
ananta 2013/10/24 22:59:50 Done.
41 OBJECT_ATTRIBUTES symbolic_link_directory_attributes = {};
42 UNICODE_STRING symbolic_link_directory_string = {};
43 InitObjectAttribs(directory_name, OBJ_CASE_INSENSITIVE, NULL,
44 &symbolic_link_directory_attributes,
45 &symbolic_link_directory_string);
46
47 NTSTATUS status = NtOpenDirectoryObject(&symbolic_link_directory,
48 DIRECTORY_QUERY,
49 &symbolic_link_directory_attributes);
50 if (status != STATUS_SUCCESS) {
51 NOTREACHED() << "Failed to open symbolic link directory. Error: "
rvargas (doing something else) 2013/10/24 22:18:29 nit: remove | dlog
ananta 2013/10/24 22:59:50 Done.
52 << status;
53 return status;
54 }
55
56 HANDLE symbolic_link = NULL;
57 OBJECT_ATTRIBUTES symbolic_link_attributes = {};
58 UNICODE_STRING name_string = {};
59 InitObjectAttribs(name, OBJ_CASE_INSENSITIVE, symbolic_link_directory,
60 &symbolic_link_attributes, &name_string);
61 status = NtOpenSymbolicLinkObject(&symbolic_link, GENERIC_READ,
62 &symbolic_link_attributes);
63 NtClose(symbolic_link_directory);
64 if (status != STATUS_SUCCESS) {
65 NOTREACHED() << "Failed to open symbolic link Error: " << status;
rvargas (doing something else) 2013/10/24 22:18:29 nit: remove
ananta 2013/10/24 22:59:50 Replaced with DLOG
66 return status;
67 }
68
69 UNICODE_STRING target_path = {};
70 unsigned long target_length = 0;
71 status = NtQuerySymbolicLinkObject(symbolic_link, &target_path,
72 &target_length);
73 if (!target_length) {
rvargas (doing something else) 2013/10/24 22:18:29 status != STATUS_BUFFER_OVERFLOW ?
ananta 2013/10/24 22:59:50 Done.
ananta 2013/10/24 22:59:50 Replaced with status != STATUS_BUFFER_TOO_SMALL
74 NtClose(symbolic_link);
75 NOTREACHED() << "Failed to get length for symbolic link target. Error: "
rvargas (doing something else) 2013/10/24 22:18:29 nit: remove
ananta 2013/10/24 22:59:50 Replaced with DLOG
76 << status;
77 return status;
78 }
79
80 target_path.Buffer = new wchar_t[target_length + 1];
81 target_path.Length = 0;
82 target_path.MaximumLength = target_length;
83 status = NtQuerySymbolicLinkObject(symbolic_link, &target_path,
84 &target_length);
85 if (status == STATUS_SUCCESS) {
86 target->assign(target_path.Buffer, target_length);
87 } else {
88 NOTREACHED() << "Failed to resolve symbolic link. Error: " << status;
rvargas (doing something else) 2013/10/24 22:18:29 nit: remove
ananta 2013/10/24 22:59:50 Replaced with DLOG
89 }
90
91 NtClose(symbolic_link);
92 delete[] target_path.Buffer;
93 return status;
94 }
95
96 NTSTATUS GetBaseNamedObjectsDirectory(HANDLE* directory) {
97 static HANDLE base_named_objects_handle = NULL;
98 if (base_named_objects_handle) {
99 *directory = base_named_objects_handle;
100 return STATUS_SUCCESS;
101 }
102
103 NtOpenDirectoryObjectFunction NtOpenDirectoryObject = NULL;
104 ResolveNTFunctionPtr("NtOpenDirectoryObject", &NtOpenDirectoryObject);
105
106 DWORD session_id = 0;
107 ProcessIdToSessionId(::GetCurrentProcessId(), &session_id);
108
109 std::wstring base_named_objects_path;
110
111 NTSTATUS status = ResolveSymbolicLink(L"\\Sessions\\BNOLINKS",
112 base::StringPrintf(L"%d", session_id),
113 &base_named_objects_path);
114 if (status != STATUS_SUCCESS) {
115 NOTREACHED() << "Failed to resolve BaseNamedObjects path. Error: "
rvargas (doing something else) 2013/10/24 22:18:29 nit: remove
ananta 2013/10/24 22:59:50 Replaced with DLOG
116 << status;
117 return status;
118 }
119
120 UNICODE_STRING directory_name = {};
121 OBJECT_ATTRIBUTES object_attributes = {};
122 InitObjectAttribs(base_named_objects_path, OBJ_CASE_INSENSITIVE, NULL,
123 &object_attributes, &directory_name);
124 status = NtOpenDirectoryObject(&base_named_objects_handle,
125 DIRECTORY_ALL_ACCESS,
126 &object_attributes);
127 if (status == STATUS_SUCCESS)
128 *directory = base_named_objects_handle;
129 return status;
130 }
131
18 bool SyncPolicy::GenerateRules(const wchar_t* name, 132 bool SyncPolicy::GenerateRules(const wchar_t* name,
19 TargetPolicy::Semantics semantics, 133 TargetPolicy::Semantics semantics,
20 LowLevelPolicy* policy) { 134 LowLevelPolicy* policy) {
21 std::wstring mod_name(name); 135 std::wstring mod_name(name);
22 if (mod_name.empty()) { 136 if (mod_name.empty()) {
23 return false; 137 return false;
24 } 138 }
25 139
26 if (TargetPolicy::EVENTS_ALLOW_ANY != semantics && 140 if (TargetPolicy::EVENTS_ALLOW_ANY != semantics &&
27 TargetPolicy::EVENTS_ALLOW_READONLY != semantics) { 141 TargetPolicy::EVENTS_ALLOW_READONLY != semantics) {
(...skipping 29 matching lines...) Expand all
57 if (!policy->AddRule(IPC_CREATEEVENT_TAG, &create)) 171 if (!policy->AddRule(IPC_CREATEEVENT_TAG, &create))
58 return false; 172 return false;
59 } 173 }
60 174
61 return true; 175 return true;
62 } 176 }
63 177
64 DWORD SyncPolicy::CreateEventAction(EvalResult eval_result, 178 DWORD SyncPolicy::CreateEventAction(EvalResult eval_result,
65 const ClientInfo& client_info, 179 const ClientInfo& client_info,
66 const std::wstring &event_name, 180 const std::wstring &event_name,
67 uint32 manual_reset, 181 uint32 event_type,
68 uint32 initial_state, 182 uint32 initial_state,
69 HANDLE *handle) { 183 HANDLE *handle) {
184 NtCreateEventFunction NtCreateEvent = NULL;
185 ResolveNTFunctionPtr("NtCreateEvent", &NtCreateEvent);
186
70 // The only action supported is ASK_BROKER which means create the requested 187 // The only action supported is ASK_BROKER which means create the requested
71 // file as specified. 188 // file as specified.
72 if (ASK_BROKER != eval_result) 189 if (ASK_BROKER != eval_result)
73 return false; 190 return false;
74 191
75 HANDLE local_handle = ::CreateEvent(NULL, manual_reset, initial_state, 192 HANDLE object_directory = NULL;
76 event_name.c_str()); 193 NTSTATUS status = GetBaseNamedObjectsDirectory(&object_directory);
194 if (status != STATUS_SUCCESS)
195 return status;
196
197 UNICODE_STRING unicode_event_name = {};
198 OBJECT_ATTRIBUTES object_attributes = {};
199 InitObjectAttribs(event_name, OBJ_CASE_INSENSITIVE, object_directory,
200 &object_attributes, &unicode_event_name);
201
202 HANDLE local_handle = NULL;
203 status = NtCreateEvent(&local_handle, EVENT_ALL_ACCESS, &object_attributes,
204 static_cast<EVENT_TYPE>(event_type), initial_state);
77 if (NULL == local_handle) 205 if (NULL == local_handle)
78 return ::GetLastError(); 206 return status;
79 207
80 if (!::DuplicateHandle(::GetCurrentProcess(), local_handle, 208 if (!::DuplicateHandle(::GetCurrentProcess(), local_handle,
81 client_info.process, handle, 0, FALSE, 209 client_info.process, handle, 0, FALSE,
82 DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS)) { 210 DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS)) {
83 return ERROR_ACCESS_DENIED; 211 return STATUS_ACCESS_DENIED;
84 } 212 }
85 return ERROR_SUCCESS; 213 return status;
86 } 214 }
87 215
88 DWORD SyncPolicy::OpenEventAction(EvalResult eval_result, 216 DWORD SyncPolicy::OpenEventAction(EvalResult eval_result,
89 const ClientInfo& client_info, 217 const ClientInfo& client_info,
90 const std::wstring &event_name, 218 const std::wstring &event_name,
91 uint32 desired_access, 219 uint32 desired_access,
92 uint32 inherit_handle,
93 HANDLE *handle) { 220 HANDLE *handle) {
221 NtOpenEventFunction NtOpenEvent = NULL;
222 ResolveNTFunctionPtr("NtOpenEvent", &NtOpenEvent);
223
94 // The only action supported is ASK_BROKER which means create the requested 224 // The only action supported is ASK_BROKER which means create the requested
95 // file as specified. 225 // event as specified.
96 if (ASK_BROKER != eval_result) 226 if (ASK_BROKER != eval_result)
97 return false; 227 return false;
98 228
99 HANDLE local_handle = ::OpenEvent(desired_access, FALSE, 229 HANDLE object_directory = NULL;
100 event_name.c_str()); 230 NTSTATUS status = GetBaseNamedObjectsDirectory(&object_directory);
231 if (status != STATUS_SUCCESS)
232 return status;
233
234 UNICODE_STRING unicode_event_name = {};
235 OBJECT_ATTRIBUTES object_attributes = {};
236 InitObjectAttribs(event_name, OBJ_CASE_INSENSITIVE, object_directory,
237 &object_attributes, &unicode_event_name);
238
239 HANDLE local_handle = NULL;
240 status = NtOpenEvent(&local_handle, desired_access, &object_attributes);
101 if (NULL == local_handle) 241 if (NULL == local_handle)
102 return ::GetLastError(); 242 return status;
103 243
104 if (!::DuplicateHandle(::GetCurrentProcess(), local_handle, 244 if (!::DuplicateHandle(::GetCurrentProcess(), local_handle,
105 client_info.process, handle, 0, inherit_handle, 245 client_info.process, handle, 0, FALSE,
106 DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS)) { 246 DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS)) {
107 return ERROR_ACCESS_DENIED; 247 return STATUS_ACCESS_DENIED;
108 } 248 }
109 return ERROR_SUCCESS; 249 return status;
110 } 250 }
111 251
112 } // namespace sandbox 252 } // namespace sandbox
OLDNEW
« no previous file with comments | « sandbox/win/src/sync_policy.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698